Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DIGIT CENTRIS ERP Every version SQL Injection via datum1 Parameter
Vulnerability Description
DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these parameters to extract or modify sensitive database information.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
DIGIT CENTRIS ERP SQL注入漏洞
Vulnerability Description
DIGIT CENTRIS ERP是DIGIT公司的一个企业资源规划系统。 DIGIT CENTRIS ERP存在SQL注入漏洞,该漏洞源于datum1、datum2、KID和PID参数存在SQL注入,可能导致未经验证的攻击者操纵数据库查询。
CVSS Information
N/A
Vulnerability Type
N/A